Resetting lock code
Well, I was uber stupid and forgot my lock code. >.< Reflashed and I was at least able to get back into the device. But I could not get my code back (the mtd1 hack was of no use here: the code is now encrypted...).
But the libraries in charge of device locking have an interesting trait: write **** to the lock code area of where it is stored and it will be reset to 12345. Attached is a program that will do just that.
Warning: It is writing to a very critical part of the N900. I will take no responsibility whatsoever if it messes up your N900. It worked for me (i.e. I was able to reboot fine and change the code fine. Multiple times, actually. I tested quite a few times.) but I cannot ensure it will do the same for you. Use at your own risk.
It disables the autolock upon bootup, writes **** to the lock code area, brings up the control panel applet from which you MUST change it from 12345. Run as root, prefixing it with run-standalone.sh. |
Re: Resetting lock code
Updated. Now uses a safer method.
|
Re: Resetting lock code
Quote:
Well figured out :) |
Re: Resetting lock code
So you can actually bypass the code by typing an actual asterisk?
The old grep -A 13 lock_code /dev/mtd1 still gives 12345 but a 2nd result shows up and looks, as you said, encrypted... it's 13 chars long so my guess is that it's simple DES. It's also preceded by 7 bytes ... not sure what they are. Though it must have been padded with some value as I can't seem to crack it fast for a 5 char code... Any idea what is used? :-)
EDIT: uhm, interestingly, changing the code back to 12345 and then back to mine I get a different hash. Would the previous 7 bytes (actually it varied in size, but I'm just judging from visual chars on my terminal) just be the salt? |
Re: Resetting lock code
Uhm, never mind, actually running the hash through john the ripper gave me my password after 7 minutes (Single core at 2.4Ghz).
So to get your password back, don't risk editing the mtd1 directly, just do this:
Code:
echo root:$(grep -A 13 lock_code /dev/mtd1|tail -1):
As a side note (reference), this works with 1.2009.42-11.002 ... we'll see how it changes with time. |
Re: Resetting lock code
Quote:
I thought I was going to spend the rest of my time with the n900 dreading the day I or a friend accidentally hit the secure device button. john ripped through that in no time! |
Re: Resetting lock code
This thread...........
Is soooo not comforting. |
Re: Resetting lock code
Quote:
If you're worried about the latter, let me remind you that I had to reflash the phone and blasted all of the files I had on here along with all my settings and applications. So yes, someone could pinch an N900, reflash, retrieve pw, and use it... but the data would have been safely nuked into the ether. |
Re: Resetting lock code
The fact that the encryption is so bad it takes mere minutes to crack it...
Don't get me wrong.. locking yourself out of a device sucks......... the ability to hack the device this easily... not comforting. |
Re: Resetting lock code
Well it is DES apparently. I think that has been kind of trivial to crack for a few years. Would you rather we all ship our n900s to the Authorized Nokia Repair Center and take it in the rear in shipping and "repair" charges? Because despite being under warranty and what that sweet old lady told me on the phone I'm pretty certain they were going to end up charging me if I sent it in. I don't believe this would be covered under the warranty.
If someone has physical access to a computer the information stored on it is no longer safe, short of being in a truecrypt vault. The thief could just reformat the whole thing and sell it, start using it, or pop the hard drive in a ide/usb adapter and sift through all the precious data. At least the phone makes you jump through some slightly more challenging hoops. |
Re: Resetting lock code
Reformat is one thing.. and I think if you lock yourself out of the device then you pretty much should be forced to wipe (as a reflash or wipe should actually reset the lock code).. thus losing data.
Take my laptop for example, I keep the hard drive encrypted. If someone steals or I lose my laptop - I don't care if they sell it off after wiping my drive so much as I don't want them getting access to my emails, phone numbers, addresses, names of all my friends, software I'm working on (since I should have backups of this anyway), etc. If they can just plop in a Linux Live-CD and mount my drive and see everything... totally defeats the purpose of the encryption anyway.. and the option may as well not even exist.
From what I'm seeing - the "security" code is nothing more than security through obscurity. You're just "hoping" they don't know they can just "crack" it like that. This is why setting passwords for Outlook PSTs or Word files is pointless... even Microsoft themselves release "tools" that either remove or crack the password for PSTs and Word docs because so many people "forget" their password. ..... So... what was the point again in setting one? |
Re: Resetting lock code
Quote:
Also, it's not so much that DES is weak... it's that the password is only numerical and probably 5 digits. If it was alphanum and 8+ chars it would take eternity to crack for any practical purpose (Unless you're against the NSA, in which case you shouldn't be trusting only this level of security ... well, and just hide under a rock :P) |
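The salt and keyspace points raised in the posts above, as an added example (not code from any poster or from Nokia). It assumes the stored value is a traditional DES crypt(3) string, as the thread's use of john -format:DES implies; the function names are hypothetical, and the sample line is the one posted elsewhere in this thread.

```python
import string

# Alphabet used by traditional crypt(3) for salt and digest characters.
CRYPT_ALPHABET = "./" + string.digits + string.ascii_uppercase + string.ascii_lowercase
DES_CRYPT_MAX_LEN = 8  # traditional DES crypt ignores input past 8 characters


def parse_des_crypt_entry(line):
    """Split a 'user:hash:' line into user, 2-char salt and 11-char digest."""
    fields = line.strip().split(":")
    if len(fields) < 2:
        raise ValueError("expected 'user:hash:' format")
    user, value = fields[0], fields[1]
    if len(value) != 13 or any(c not in CRYPT_ALPHABET for c in value):
        raise ValueError("not a traditional DES crypt(3) string")
    salt, digest = value[:2], value[2:]
    # Each salt character carries 6 bits, low character first: 4096 salts.
    # A fresh salt on every change is why the same code hashes differently.
    salt_value = CRYPT_ALPHABET.index(salt[0]) | (CRYPT_ALPHABET.index(salt[1]) << 6)
    return {"user": user, "salt": salt, "salt_value": salt_value, "digest": digest}


def keyspace(alphabet_size, min_len, max_len):
    """Count candidate secrets, capping length at what DES crypt actually uses."""
    max_len = min(max_len, DES_CRYPT_MAX_LEN)
    min_len = min(min_len, max_len)
    return sum(alphabet_size ** n for n in range(min_len, max_len + 1))


def relative_effort(candidate_space, baseline_space):
    """How many times more guesses an exhaustive search needs than the baseline."""
    return candidate_space / baseline_space


if __name__ == "__main__":
    entry = parse_des_crypt_entry("root:63NCRYqE75Us0:")  # line quoted in the thread
    print(entry)
    pin5 = keyspace(10, 5, 5)        # 5-digit numeric lock code
    alnum8 = keyspace(62, 8, 8)      # 8-char alphanumeric passphrase
    alnum12 = keyspace(62, 12, 12)   # characters past the 8th add nothing
    print(pin5, alnum8, alnum12 == alnum8)
    print(f"8-char alphanumeric needs {relative_effort(alnum8, pin5):.2e}x the guesses")
```

The cap in keyspace() reflects that traditional DES crypt only uses the first 8 characters, so a longer passphrase gains nothing under this scheme.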
Re: Resetting lock code
That Live-CD thing was meant for the laptop reference... not the N900.
I'm saying if I "encrypted" my drive and yet someone could just pull up the drive anyway.. it's futile. Maybe considering these devices do have a keyboard... Nokia should implement a "pass phrase" instead of a PIN. Cuz you are correct.. in any algorithm of encryption a brute force of 5-number password will be easy - unless they move to some form of PKI solution. But again.. all this just means that to me.. "securing" the device is really just to prevent my childish co-workers from setting my background to being a picture of a naked Rick Astley or sending random love texts to my contacts.... It doesn't actually make the device "secure". |
Re: Resetting lock code
Quote:
Actually, even if the password was stronger i doubt it would secure more of the device as it's probably possible to enable some R&D mode... But like any computer, physical access is hard to secure if you don't have full encryption on. Of course, if it had full root encryption with only a 1% battery drain hit and with the help of a specific co-processor, i'd be much more happy i guess, but that won't happen anytime soon. And I'd rather be able to recover my password through ssh (which does ask a password too!) than have to send the device back for some security by obscurity proprietary solution from them. :-) |
Re: Resetting lock code
maybe I'm just too dumb, but after installing rootsh, going to xterm, doing sudo gainroot and then executing run-standalone.sh.a.out gets me nothing. I have to say, that auto-lock is not on, but I do not have the lock code (warehouse deal from amazon, someone set it already).
anyone can help? |
Re: Resetting lock code
It should be "run-standalone.sh a.out" (without quotes). If it still doesn't work, make sure you're in the right dir and post the exact error message here.
|
Re: Resetting lock code
looks like I misinterpreted prefix here :D
error message is:
/usr/bin/run-standalone.sh: line 11: a.out: Permission denied
so I thought about: chmod +x a.out, but I cannot change rights...
edit: it's been a long time since I used a shell on linux... just made a copy with root and done ;) works great! |
Re: Resetting lock code
Guys.... I have lost my lock code. Please, since I'm not a pro in technology, tell me how to get back in my device. I don't want to know my password, just want to get in. How do I flash it?
|
Re: Resetting lock code
Quote:
So if you are still interested in recovering your lock code without reflashing, and only if you had installed an openssh server in your N900 so you can remotely access it from your PC, then please read comment #5 of this thread, get your encoded code, transfer it to your PC (scp) and feed it to a DES decoder. A Google search will show you plenty of linux/windows/mac DES decoders.
Otherwise, if you insist on reflashing your device read here or you don't have openssh installed in your N900, presumably then look at this: http://wiki.maemo.org/Updating_the_tablet_firmware (though you should have been able to find this info by yourself searching the forums, as this has been posted several times)
Good luck. |
Re: Resetting lock code
Is there any way you can put these instructions in a dummy format? For some reason the default code does not work on my N900. I sent it to Nokia =( They reflashed it but the code still does not work. Please help out a fellow noob N900 owner. Thank you.
|
Re: Resetting lock code
How does one lose their lock code? I mean... umm... no, still don't get it. I have auto-lock set to 1hr, and use the lock code quite a few times a day so it is fresh on my memory. When talking about lost lock code, does this mean it is forgotten? I know this might be stupid question, but if the case is so, why not talk about forgetting the lock code.
And, yeah, I agree that the lock code is not securing anything, it's like the screensaver passwd. But that is enough for me. Not intending to lose the device :) |
Re: Resetting lock code
Quote:
Guess it's due to the fact I bought it second hand. Anyway, this is what I did and you should do in five steps!
1: First of all, we need to get into the device. Let's ssh into it! Install the ssh client and server. Now ssh into it with an ssh client for your OS. The user to use is: root
2: Now you should be inside your N900 device. Once there, we want to get the so-called DES hash of the password.
Code:
echo root:$(grep -A 13 lock_code /dev/mtd1|tail -1):
root:63NCRYqE75Us0:
3: Copy the output and put it in a file on your computer, named: old_maemo_lock_code
4: Make a search for John the ripper and install it.
5: Open up a terminal and write:
Code:
john -format:DES -i:digits /path/to/old_maemo_lock_code
Thanks to whoever wrote the post with the grep part above! :cool: |
Re: Resetting lock code
Quote:
Code:
john -format:DES -i:digits /path/to/old_maemo_lock_code |
Re: Resetting lock code
I got this:
Code:
root:.sfpZ4nNm2OtM: |
Re: Resetting lock code
Never mind, I got it. I uninstalled my stupid antivirus.
|
Re: Resetting lock code
Quote:
I REALLY need some help here! Tried to follow your recommended steps but getting stuck at the very first one. I downloaded putty and winscp and tried to SSH, but what the hell is hostname and how do I get the hostname of my N900? Any help will be appreciated. |
Re: Resetting lock code
Quote:
Code:
echo root:$(grep -A 13 lock_code /dev/mtd1|tail -1): > /home/user/MyDocs/old_lockcode |
Re: Resetting lock code
Quote:
My N900 had the USB HW failure. I got a new phone from Nokia, and after restoring the backup, I forgot the lock code. When I tried danielpublic's solution above, I had multiple problems:
The SCP ssh client is loaded only on my computer. It asks for a Host name before attempting to connect. What is the host name to use?
I decided maybe I need to flash the FW, to get an SSH client on the phone first... The flasher-3.5 asks for permission to continue when I run it from the cmd prompt, but then after a brief flash of another cmd screen, does nothing.....
I then tried the Nokia SW updater (even though since the phone just came from Nokia and likely has the latest FW) but it could not even connect, even though the computer sees the phone as a USB device and even opens up the phone in explorer.
My questions:
1. Is there a way to get the lock code from the phone backup?
2. Do you need to have the ssh client on the phone to use the above method?
3. What could cause the flasher to not run the flash? I was expecting some indication that the flash was proceeding. |
Re: Resetting lock code
The default lock code also did not work (tried that as soon as the lock code showed up after restoring data). Maybe the phone was a return or refurb and has another lock code?
|
Re: Resetting lock code
Quote:
See http://wiki.maemo.org/Updating_the_firmware for flashing instructions, and make sure you hold down the U key while powering up the N900 to set it to flashing mode. |
Re: Resetting lock code
On the topic of John the ripper... I have tried recovering passwords and I can't seem to make the program actually find the password... It was a Win NT Hash like this... 8C4F19105CE0F33EB958470418905193 Lol does anyone know how to crack it? :P
|
Re: Resetting lock code
Gave up. Phone off to Nokia again. thanks for the input.
|
Re: Resetting lock code
How do I write " | " on the N900? Can't seem to find the symbol.
|
Re: Resetting lock code
Press Fn (the blue arrow key) + Ctrl together to bring up the extra characters palette, or use the virtual keyboard.
|
Re: Resetting lock code
OK guys, after not getting any response from here (and other forums) I gave my N900 to Nokia Care (India, charged me around $7, INR 333), and surprisingly they unlocked my mobile without losing my data (contacts, notes, call records, texts, pics, vids, music) but my apps are gone! So it's kind of a soft reset!
But anyway, this means that there is definitely a solution to unlock your mobile without actually hard resetting it and losing all your precious data! So, the purpose of this post is to keep people (who have mistakenly locked/secured their device, don't know the password and are about to hard reset it!) from hard resetting the phone and losing their data, BECAUSE THERE IS A METHOD TO SOFT RESET YOUR PHONE AND RESET THE LOCK CODE OR JUST MAKE YOUR PHONE WORK AND AVOID LOSING YOUR DATA! Unfortunately I don't know the method, so please let us share what the possible solution can be (if anyone has any idea or has experienced the same!). Though I'm still not able to change my lock code, I'm going to try the method stated here, which I suppose will let me reset the code.
Cheers
Vish |
Re: Resetting lock code
Cables we already have and software we can easily get; as I remember, that Nokia person was telling me to wait as he was downloading a flasher for it!
|
Re: Resetting lock code
Quote:
thank you :D |